package com.itheima.controller;

import com.alibaba.dubbo.config.annotation.Reference;
import com.itheima.constant.MessageConstant;
import com.itheima.entity.Result;
import com.itheima.pojo.User;
import com.itheima.service.UserService;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.Map;

/**
 * 用户管理控制层
 */
@RestController
@RequestMapping("/user")
public class UserController {

    @Reference
    private UserService userService;

    /**
     * 获取用户名 从SecurityContextHolder获取用户数据
     *
     * @return
     */
    @RequestMapping(value = "/getUserName", method = RequestMethod.GET)
    public Result getUserName(HttpServletRequest request) {
        try {
            org.springframework.security.core.userdetails.User user =
                    (org.springframework.security.core.userdetails.User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            if (user != null) {
                request.getSession().setAttribute("user", user);
            }
            return new Result(true, MessageConstant.GET_USERNAME_SUCCESS, user.getUsername());
        } catch (Exception e) {
            e.printStackTrace();
            return new Result(false, MessageConstant.GET_USERNAME_FAIL);
        }
    }

    //密码修改
    @RequestMapping(value = "/passwordUser", method = RequestMethod.POST)
    public Result passwordUser(@RequestBody Map<String, Object> map, HttpServletRequest request) {
        try {
            //密码加密对象
            BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
            if (map != null) {
                String oldPassword = (String) map.get("oldPassword");
                String newPasswordOne = (String) map.get("newPasswordOne");
                String newPasswordTwo = (String) map.get("newPasswordTwo");
                //从session中获取 org.springframework.security.core.userdetails.User对象
                org.springframework.security.core.userdetails.User user =
                        (org.springframework.security.core.userdetails.User) request.getSession().getAttribute("user");
                String username = user.getUsername();
                //从数据库查询密码根据用户名
                User userRole = userService.findUsernameQueryPassword(username);
                //判断输入的旧密码是否正确
                if (userRole != null) {
                    String password = userRole.getPassword();
                    if (password != null) {
                        if (!encoder.matches(oldPassword,password)) {
                            return new Result(false, "原密码输入有误，请重试", 1);
                        }
                        if (oldPassword.equals(newPasswordOne)) {
                            return new Result(false, "密码未做任何修改", 2);
                        }
                        if (!newPasswordOne.equals(newPasswordTwo)) {
                            return new Result(false, "确认密码错误", 3);
                        }
                    }
                    //修改密码
                    userRole.setPassword(encoder.encode(newPasswordOne));
                    userService.passwordUser(userRole);
                }
            }
            return new Result(true, "修改密码成功");
        } catch (Exception e) {
            e.printStackTrace();
            return new Result(false, "修改密码失败");
        }
    }
}
